Command Restriction for SSH
It is important to note that some commands in Unix are extremely powerful in terms of their magnitude of effect. Misuse of such commands may hamper development, maintenance, production or else create a security threat for confidential information. On the other hand, it is difficult to check illicit use of such commands in an IT environment where hundreds of commands are used everyday. Sectona PAM provides a solution to this problem with its Server Access Policy wherein you can restrict or allow the usage of certain commands for specific User Groups. You can choose these commands from the existing library or add to the Command Repository.
This chapter consists of the following:
- Before you begin
- Creating a server access policy
- Defining privileged commands
- Editing a policy
- Editing a command from library
- Deleting a policy
- Deleting a command from library
Before you begin
- The User Group you wish to allow/deny access already exists.
Supported access types for Unix that can be enabled:
- SSH
- Telnet
Creating a server access policy
- Navigate to Policies on the top navigation bar.
- Select Server Access Policy from the sidebar.
- Click on the Unix section.
- Click on +Server Access Policy.
- Fill in the essentials (Policy Details, User Groups and Parameters) in the form that appears.
- Policy Details: Enter the details of the policy you require, then click on Next.
- Policy Name: Provide the name of the policy you want to create.
- Description: Enter a short description of the policy.
- Policy Type: Select whether the policy allows or denies the selected commands.
- Expiry: Set the expiry date of the policy.
- User Groups: In Enforced to User Group(s), specify the User Groups the server access policy applies to. In Exception User(s), specify the users who are exempted from the policy. Click on Next.
- Parameters: Select the commands you want to allow or restrict in this policy. The Confirm option prompts the user who entered the command to confirm whether they want to execute it. The Elevate option allows the user to run the command at the privileged level. Click on Next.
The Allow permission allows only the selected commands and restricts all other commands. The Deny permission denies the selected commands and allows all other commands. The Confirm and Elevate options appear only if the Policy Type is set to 'Allow' in the Policy Details. For each command you may select both Confirm and Elevate, one of them, or neither. This policy applies to SSH as well as SSHD sessions.
- Summary: This is the summary of the configuration made. Click on Finish.
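The Allow/Deny semantics described above are easy to get backwards, so the following evaluator, added here as an illustration and not Sectona code, models them directly: an Allow policy permits only the listed commands and carries the per-command Confirm and Elevate flags, a Deny policy blocks only the listed commands, and users in Exception User(s) or outside the enforced groups are untouched. The policy names, users, groups and command lists are constructed for the example; the real product matches commands inside its own session engine, which this does not reproduce.

```python
"""Model of Allow/Deny command-restriction semantics.

Added example, not Sectona code. All policies, users, groups and
commands below are constructed for illustration.
"""
import os
import shlex
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, Iterable, NamedTuple


class Decision(NamedTuple):
    verdict: str    # "permit" or "block"
    confirm: bool   # prompt the user to confirm before running
    elevate: bool   # run the command at the privileged level


@dataclass(frozen=True)
class CommandRule:
    command: str
    confirm: bool = False
    elevate: bool = False


@dataclass
class ServerAccessPolicy:
    name: str
    policy_type: str                  # "allow" or "deny"
    enforced_groups: FrozenSet[str]   # Enforced to User Group(s)
    exception_users: FrozenSet[str]   # Exception User(s)
    rules: Dict[str, CommandRule] = field(default_factory=dict)

    def __post_init__(self) -> None:
        if self.policy_type not in ("allow", "deny"):
            raise ValueError("policy_type must be 'allow' or 'deny'")
        # Confirm/Elevate exist only on Allow policies, as the text above states.
        if self.policy_type == "deny" and any(
            r.confirm or r.elevate for r in self.rules.values()
        ):
            raise ValueError("Confirm/Elevate are only available on Allow policies")

    def applies_to(self, user: str, groups: Iterable[str]) -> bool:
        """Exception users are exempt; otherwise any enforced group membership applies."""
        if user in self.exception_users:
            return False
        return not self.enforced_groups.isdisjoint(groups)

    @staticmethod
    def base_command(command_line: str) -> str:
        """First token of the line, path stripped, so '/bin/rm -rf x' matches 'rm'."""
        try:
            tokens = shlex.split(command_line)
        except ValueError:
            return ""  # unbalanced quotes: treat as an unknown command
        return os.path.basename(tokens[0]) if tokens else ""

    def decide(self, user: str, groups: Iterable[str], command_line: str) -> Decision:
        if not self.applies_to(user, groups):
            return Decision("permit", False, False)
        rule = self.rules.get(self.base_command(command_line))
        if self.policy_type == "allow":
            # Allow: only listed commands run, with their Confirm/Elevate flags.
            if rule is None:
                return Decision("block", False, False)
            return Decision("permit", rule.confirm, rule.elevate)
        # Deny: listed commands are blocked, everything else runs unflagged.
        if rule is not None:
            return Decision("block", False, False)
        return Decision("permit", False, False)


def make_allow_policy() -> ServerAccessPolicy:
    """Constructed Allow policy: a small whitelist for a 'unix-admins' group."""
    rules = [
        CommandRule("ls"),
        CommandRule("cat"),
        CommandRule("rm", confirm=True),
        CommandRule("systemctl", confirm=True, elevate=True),
    ]
    return ServerAccessPolicy(
        name="unix-admins-allowlist",
        policy_type="allow",
        enforced_groups=frozenset({"unix-admins"}),
        exception_users=frozenset({"breakglass"}),
        rules={r.command: r for r in rules},
    )


def make_deny_policy() -> ServerAccessPolicy:
    """Constructed Deny policy: block two destructive commands, allow the rest."""
    return ServerAccessPolicy(
        name="developers-denylist",
        policy_type="deny",
        enforced_groups=frozenset({"developers"}),
        exception_users=frozenset(),
        rules={c: CommandRule(c) for c in ("rm", "dd")},
    )


if __name__ == "__main__":
    allow = make_allow_policy()
    for line in ("ls -la /etc", "/bin/rm -rf /tmp/build", "systemctl restart sshd", "curl https://example.invalid"):
        print(f"{allow.name}: {line!r:40} -> {allow.decide('alice', ['unix-admins'], line)}")
```

Note that a Deny policy only matches the command names it lists, which is why the text treats Allow as the tighter control: anything not explicitly listed falls through as permitted.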
Defining privileged commands
Command repository is an inbuilt store that holds all commands, restricted or otherwise. By default, there exists a list of general commands in the Command Repository. To add a new command into the repository follow the steps below:
- Navigate to Policies in the navigation bar.
- Select the Server Access Policy from the sidebar.
- Click on the Unix section.
- Click on Command Repository.
- Click on +Add Asset Command Unix.
- A page will appear. Fill in the essentials for your new command to be created.
- Risk category: According to the nature of the command, choose an appropriate risk category from the ones explained below:
- Unusual user activity: If the user is performing some unusual activity in the system.
- User activity: If a certain user activity is bringing about a risk.
- Unusual account activity: If the activities of an account in the system are unusual.
- Data theft and exfiltration: Accessing unauthorized data and retrieving it from a system or server.
- Privilege account abuse: When a privileged user ignores the policies or some malicious activity occurs due to unauthorized access.
- Accountability risk: Someone is responsible for stealing the data from the system or server.
- Identity theft: Someone pretends to be someone else in order to get the access.
- General: Misbehaviour caused by a user performing an activity incorrectly.
- Leapfrogging: Using system vulnerabilities to leap across barriers for unauthorized access.
- Command: Specify the command.
- Command description: Provide a short description of the command.
- Asset command type: Select the type that matches the command:
- Administrative
- Backup
- Configuration
- Remote access
- Click on Save.
Editing a policy
- Navigate to "Policies" in the navigation bar.
- Select the "Server Access Policy" from the sidebar.
- Click on the Unix tab.
- A list of existing Server Access Policies for Unix will be displayed on the screen.
- Click on the policy name and make the necessary changes in the form that appears.
- Click on the "Finish" button and your policy design will be updated.
Editing a command from library
- Navigate to the "Policies" option in the navigation bar.
- Select the "Server Access Policy" from the sidebar.
- Click on the Unix tab.
- Click on the "+Command Repository" button and a list of existing commands will be displayed.
- Click on the command you want to modify and make the necessary changes.
- Click on the Update button and your Unix command will be updated.
Deleting a policy
- Navigate to the "Policies" option in the navigation bar.
- Select the "Server Access Policy" from the sidebar.
- Now you will find two options to hover on: Unix and Windows. Click on the Unix section.
- On the page that opens you will find the list of existing server access policies.
- Click on the delete icon in the last column and the policy will be deleted.
| Description | Representation |
|---|---|
| Delete record | (delete icon; image not reproduced here) |
Deleting a command from library
- Navigate to the "Policies" option in the navigation bar.
- Select the "Server Access Policy" from the sidebar.
- Now you will find two options to hover on: Unix and Windows. Click on the Unix section.
- Click on the "+Command Repository" button and a list of existing commands will be displayed.
- Click on the command you want to delete.
- Click on the Delete button and your Unix command will be removed from the list.
If a policy is changed while a session is in progress, the session must be restarted for the changes to take effect.